Backup Collaboration Mobile Security Storage Strategy Virtualisation

Failure in the boardroom


Article Type:          Published: 07-2016         Views: 339      

PREVIOUS ARTICLE

NEXT ARTICLE







A lack of board accountability is opening up businesses to cyber-attacks

A new report has revealed the extent to which boardrooms are failing to get to grips with cyber-attacks, leaving their organisations wide open.

The independent study - led by Dr Chris Brauer, Institute of Management Studies, Goldsmiths University, University of London, in collaboration with Nasdaq and leading cybersecurity company Tanium - found that a lack of accountability at board and executive levels and no clear focus on cybersecurity has contributed to systemic data vulnerability in global companies.

The report, 'The accountability gap: cybersecurity & building a culture of responsibility', reveals how security chiefs are struggling to demonstrate the importance of cyber protection measures to their board members, primarily due to the lack of accountability for this issue.

"What the report does is make visible the key contemporary leadership challenges around cybersecurity, and benchmark the readiness and awareness for these challenges of the corporate leaders from a sampling of the world's largest organisations," says Brauer. "There is a lot of focus on cybersecurity risks in the public domain, and we sought to inform and impact calls-to-action for organisations to increase cyber accountability and reduce vulnerability."

Key findings of the report include:

• 40% of non-exec directors and C-suite don't feel responsible for the repercussions of cyber-attacks
• 91% of the most vulnerable board members cannot interpret a cybersecurity report (in the same way they'd read a financial report)
• CIOs are 50% more likely to be aware of the implications of a breach than non-exec directors.

"Business and government leaders grapple daily with innovation's double-edged sword: as new technologies introduce unprecedented levels of efficiency, speed, and capability to the world, a new wave of cybersecurity risks immediately follow, threatening that very technology and the people who use it. In many instances, the technology organisations use to protect themselves has dramatically failed to keep pace with the speed and agility of modern threats, creating billions of dollars of damage from data breaches annually," states the report.

ACCOUNTABILITY FACTOR
But this is only half the story, it adds. "Less visible is the widespread lack of personal and organisational accountability for the protection of a company's most sensitive data. This accountability gap shows up as dissonance between corporate leaders' current awareness and readiness for cybersecurity challenges, and where they need to be."

In the run-up to the report, Goldsmiths worked with a global panel of cybersecurity subject-matter experts to define the seven inherent challenges that make up cybersecurity vulnerability: Cyber Literacy, Risk Appetite, Threat Intelligence, Legislation & Regulation, Network Resilience, Response, and Behaviour.

The research team at Goldsmiths developed a statistical model for scoring readiness, awareness and vulnerability for these challenges and assessed through a survey of 1,530 non-executive directors (NED), C-level executives, chief information officers (CIO), and chief information security officers (CISO) across the UK, US, Germany, Japan, as well as Denmark, Norway, Sweden and Finland (Nordics). The intention of the study was to identify and understand where the gaps exist across all organisational levels around cybersecurity vulnerability from a people, process and technology perspective. This identified two vectors that make up cybersecurity vulnerability: knowing about the risk ('awareness') and having the ability to address it ('readiness').

The qualitative phase of this research focused on identifying the main challenges to achieving a high level of awareness and readiness. These served as key inputs into the quantitative study that plotted respondents on a cybersecurity vulnerability scale.

Page   1  2

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top


PREVIOUS ARTICLE                    


NEXT ARTICLE